diff options
| author | Dana Robinson <derobins@hdfgroup.org> | 2018-03-13 00:56:54 (GMT) |
|---|---|---|
| committer | Dana Robinson <derobins@hdfgroup.org> | 2018-03-13 00:56:54 (GMT) |
| commit | b877534a330a201e3b5c51d97daa8e01a5c1cd3a (patch) | |
| tree | 0823bdc3769590346d483f089ed158538fd131ee /release_docs | |
| parent | 26109aad51393d2a9e6d3a667a0a3ddf8b5e874e (diff) | |
| download | hdf5-b877534a330a201e3b5c51d97daa8e01a5c1cd3a.zip hdf5-b877534a330a201e3b5c51d97daa8e01a5c1cd3a.tar.gz hdf5-b877534a330a201e3b5c51d97daa8e01a5c1cd3a.tar.bz2 | |
Added a fix for HDFFV-10358.
Diffstat (limited to 'release_docs')
| -rw-r--r-- | release_docs/RELEASE.txt | 17 |
1 files changed, 17 insertions, 0 deletions
diff --git a/release_docs/RELEASE.txt b/release_docs/RELEASE.txt index a70802e..4ac4545 100644 --- a/release_docs/RELEASE.txt +++ b/release_docs/RELEASE.txt @@ -321,6 +321,23 @@ Bug Fixes since HDF5-1.10.1 release (DER - 2018/02/26, HDFFV-10357) + - If an HDF5 file contains a malformed symbol table node that declares + it contains more symbols than it actually contains, the library + can run off the end of the metadata cache buffer while processing + the symbol table node. + + This issue was reported to The HDF Group as issue #CVE-2017-17509. + + NOTE: The HDF5 C library cannot produce such a file. This condition + should only occur in a corrupt (or deliberately altered) file + or a file created by third-party software. + + Performing bounds checks on the buffer while processing fixes the + problem. Instead of the segmentation fault, the normal HDF5 error + handling is invoked. + + (DER - 2018/03/12, HDFFV-10358) + Configuration ------------- - CMake |